Articles

• Website
• TEE plugin for ELIZA (using dstack from Phala)
• Website
• Website
• Website - Network GitHub](https://github.com/Phala-Network)
• Website
• Website - labs GitHub](https://github.com/ava-labs)
• Website
• Website - protocol GitHub](https://github.com/ten-protocol)
• Website
• Website
• Website
• Website - tech GitHub](https://github.com/quex-tech)

Security Articles

• The Future of MEV is SUAVE
• Unichain

OpenTitan

• OpenTitan

Articles

• lowRISC/opentitan - Open source silicon root of trust.
• Secure Encrypted Virtualization-Trusted I/O (SEV-TIO) - Improved I/O performance and security in AMD SEV-SNP guests.
• Trust Domain Extensions (TDX) - Latest Hardware-based TEE architecture from Intel.
• Hopper Architecture - Accelerated computing platform for AI.
• Software Guard Extensions (SGX) - Protects data actively being used in the processor and memory by creating a TEE.
• Secure Encrypted Virtualization-Secure Nested Paging (SEV-SNP) - Expands on SEV, adds memory integrity protection to help prevent malicious hypervisor-based attacks.
• Secure Encrypted Virtualization (SEV) - Hardware-based memory encryption through the AMD Secure Processor.
• H100 TensorCore GPU - Hardware-based trusted execution environment with NVIDIA Hopper and NVIDIA Blackwell architecture support.
• Blackwell Architecture - Latest HW generation with accelerated computing and generative AI optimizations.
• Advanced Matrix Extensions (AMX) - Accelerator to improve the performance of deep-learning training and inference on the CPU.
• Confidential Compute Architecture (CCA) - Under development. Key component of the Armv9-A architecture.
• TrustZone - Isolates critical security firmware, assets and private information for Armv8-M based devices.

Security Articles

• OP-TEE - Companion TEE for a non-secure Linux kernel running on ARM; Cortex-A cores using the TrustZone technology.

Asset Management

• Website
• Website - mobile GitHub](https://github.com/solana-mobile)

Privacy

• Website

General Compute

• Website - network GitHub](https://github.com/automata-network)

Rust

• Phala-Network/phala-blockchain - The Phala Network Blockchain, pRuntime and the bridge.
• Dstack-TEE/dstack - Dstack is a developer friendly and security first SDK to simplify the deployment of arbitrary Docker-based apps into TEE.
• marlinprotocol/oyster-serverless - Oyster Serverless is a cutting-edge, high-performance serverless computing platform designed to securely execute JavaScript (JS) and WebAssembly (WASM) code in a highly controlled environment.
• kata-containers/kata-containers - Kata Containers is an open source project and community working to build a standard implementation of lightweight Virtual Machines (VMs) that feel and perform like containers, but provide the workload isolation and security advantages of VMs.
• taikoxyz/raiko - Multi-proofs for Taiko. SNARKS, STARKS and Trusted Execution Enclave.
• confidential-containers/guest-components - Confidential Containers Guest Tools and Components.
• kinvolk/azure-cvm-tooling - Libraries and tools for Confidential Computing on Azure.
• HyperEnclave/hyperenclave - An Open and Cross-platform Trusted Execution Environment.
• mobilecoinfoundation/mobilecoin - Private payments for mobile devices.
• integritee-network/worker - Integritee off-chain worker and sidechain validateer.
• capsule-corp-ternoa/ternoa-node - Ternoa's Node Implementation.
• automata-network/automata - Automata Network is a modular attestation layer that extends machine trust to Ethereum with TEE Coprocessors.
• apache/incubator-teaclave - Apache Teaclave (incubating) is an open source universal secure computing platform, making computation on privacy-sensitive data safe and simple.
• scrtlabs/incubator-teaclave-sgx-sdk - Rust SGX SDK provides the ability to write Intel SGX applications in Rust Programming Language. Fork of `apache/incubator-teaclave-sgx-sdk`.
• MystenLabs/nautilus - Nautilus: Verifiable offchain computation on Sui.
• enarx/drawbridge - A Confidential Computing-Aware Workload Repository.
• enarx/steward - A Confidential Computing-Aware Certificate Authority.

CPP

• intel/linux-sgx - Intel SGX SDK and Platform Software (PSW) for Linux.
• NixOS/nix - Nix, the purely functional package manager.
• microsoft/azure-tee-attestation-samples - Trusted Execution Environment examples leveraging attestations on Azure.
• lsds/Teechain - Teechain: A Secure Payment Network with Asynchronous Blockchain Access.
• skalenetwork/sgxwallet - Opensource high-performance hardware secure crypto wallet that is based on Intel SGX technology. First opensource product on Intel SGX whitelist. Scales to 100,000+ transactions per second. Currently supports ETH and SKALE, and will support BTC in the future. Sgxwallet is under heavy development and use by SKALE network.
• hyperledger-labs/private-data-objects - The Private Data Objects lab provides technology for confidentiality-preserving, off-chain smart contracts.

C

• pietroborrello/CustomProcessingUnit - The first analysis framework for CPU microcode.
• iisec-suzaki/optee-ra - OP-TEE Remote Attestation.
• openenclave/openenclave - SDK for developing TEE applications (enclaves) across different hardware platforms (SGX, OP-TEE).
• deislabs/mystikos - Tools and runtime for launching unmodified container images in Trusted Execution Environments.
• mofanv/PPFL - Privacy-preserving Federated Learning with Trusted Execution Environments.
• inclavare-containers/inclavare-containers - A novel container runtime, aka confidential container, for cloud-native confidential computing and enclave runtime ecosystem.
• gramineproject/gramine - A library OS for Linux multi-process applications, with Intel SGX support.

Go

• Microsoft/confidential-container-demos - Demos for running containers in confidential environments on Azure.
• google/go-tpm-tools - Go packages built on go-tpm providing a high-level API for using TPMs.
• google/go-sev-guest - Library to wrap the /dev/sev-guest device in Linux, as well as a library for attestation verification of fundamental components of an attestation report.
• google/go-tdx-guest - Library to wrap the /dev/tdx-guest device in Linux, as well as a library for attestation verification of fundamental components of an attestation quote.
• hyperledger/fabric-private-chaincode - FPC enables Confidential Chaincode Execution for Hyperledger Fabric using Intel SGX.
• matter-labs/vault-auth-tee - Hashicorp Vault plugin for authenticating Trusted Execution Environments (TEE) like SGX enclaves.
• usbarmory/GoTEE - Go Trusted Execution Environment (TEE).
• iotexproject/w3bstream - An offchain computing layer for DePIN verifiable data computation, supporting a variety of validity proofs including Zero Knowledge (ZK), Trusted Execution Environments (TEE), and Multi-party Computation (MPC).
• oasisprotocol/oasis-core - Performant and Confidentiality-Preserving Smart Contracts + Blockchains.

Others

• ethernity-cloud/mvp-pox-node - Ethernity Cloud Node.
• tkhq/sdk - Turnkey TypeScript SDK.
• enarx/enarx - Enarx: Confidential Computing with WebAssembly.
• flashbots/yocto-manifests - Repo Manifests for the Yocto Project Build System for reproducible TEE builds
• aws/uefi - EDK2 changes for reproducible UEFI binaries on Nitro.

Articles

• Demystifying SGX — Part 1 - Obscuro Labs
• Block Building inside SGX - Flashbots Writings
• Running Geth within SGX: Our Experience, Learnings and Code - Flashbots Writings
• A Survey of Published Attacks on Intel SGX - Nilsson et al. (2020)
• Plundervolt: Software-based Fault Injection Attacks against Intel SGX - Murdock et al. (2020)
• Sirrah: Speedrunning a TEE Coprocessor - Flashbots Writings
• How Secret Network Uses SGX - Secret Network
• TEE-based Smart Contracts and Sealing Pitfalls - IC3
• Intel SGX and Blockchain: The iExec End-to-End Trusted Execution Solution - iExec
• Blockchains + TEEs Day 1 Summary - Decentralized Thoughts
• Blockchains + TEEs Day 2 Summary - Decentralized Thoughts
• Intel SGX Explained - V. Costan and S. Devada (MIT)
• A few notes on AWS Nitro Enclaves: Attack surface - Trail of Bits Blog
• Early Thoughts on Decentralized Root-of-Trust - Flashbots Collective
• Drawbacks In FHE Blockchain And How TEE Can Help It - Flashbots Collective
• Building Secure Ethereum Blocks on Minimal Intel TDX Confidential VMs - Flashbots Collective
• Securing TEE Apps: A Developer's Guide - Bedlam Research
• SGX-Based Backrunning and Covert Channels - Flashbots Writings
• MEV-SGX - A sealed bid MEV auction design - Eth Research
• TDX Security For BOB Searchers, Flashbots
• Nix + Bazel: Fully reproducible, incremental builds - Tweag
• Proprietary binary provisioning within TEEs - fnerdman

Beginner Articles

• Blockchain Privacy and Security in Data Computation

• 4 Ways to Compare Trusted Execution Environments and Zero-Knowledge Proofs
• What is a Trusted Execution Environment (TEE)? - Halborn
• Blockchain x TEE: Why Various Forefront Projects are Adopting TEE - TOKI
• Why trusted execution environments will be integral to proof-of-stake blockchains
• Blockchains in Trusted Execution Environments (TEEs)
• What apps are unlocked by the TEE stack - Xinyuan Sun, Modular Summit 2024
• DEVMOS 2024: Dylan Kawalec (Osmosis), 'Building Decentralized Frontends', Modular Summit 2024
• How to Win Friends and TEE-fluence People - Ethan Buchman, Modular Summit 2024
• The TEE Stack - Andrew Miller, Modular Summit 2024
• Private Smart Contracts are Worth the Price of the SGX - Andrew Miller, ETHDenver 2023
• Protected Order Flow for Fair Transaction-Ordering in a Profit-Seeking World - Kushal Babel, MEV-SBC 2023
• Trusted Execution Environments Meet the Blockchain - Ittay Eyal, Simons Institute 2019
• Parallelized Confidential Computing - Yannik Schrade, Fil Dev Summit 2024
• TEE for Blockchain Applications - Ari Juels, a16z crypto 2023
• Verifiable Off-chain Compute: Enabling an Instagram-like experience for Web3 - Florin Digital
• Enabling Cross Chain Transfers Using SGX - Michael Kaplan, Avalanche Summit 2022
• Phala Network: 'The Magic of TEEs' - Online Workshop on TEE Basics
• Blockchains + TEEs 2023: Day 1 - Kartik Nayan, Ittai Abraham, Aniket Kate
• SGX Panel 2023: Andrew Miller, Jonathan Passerat Palmbach, Phil Daian, Justin Drake
• Blockchains + TEEs 2023: Day 2 - Kartik Nayan, Ittai Abraham, Aniket Kate
• An intro to SGX & Enclave-based API with Kevin Yu | ETHDenver Privacy Workshop
• TEE-based Web2 User Data Attestations

Advanced Articles

• Trusted Execution Environments and the Polkadot Ecosystem

Articles

• Confidential Space - Supports trust model where the workload author, workload operator, and resource owners are separate, mutually distrusting parties.
• Confidential Accelerator for AI workloads - Supports Intel TDX with Intel AMX, and NVIDIA H100 GPUs.
• Confidential VMs - Supports AMD SEV, AMD SEV-SNP, and Intel TDX.
• Confidential VM attestation - Attestation support for AMD SEV (vTPM), AMD SEV-SNP (vTPM and TSM), and Intel TDX (vTPM and TSM).
• Nitro
• Nitro Enclaves
• Azure Confidential VM
• OCI Confidential Compute
• ECS Confidential Computing

Rollups

• Website

Privacy

• Website

Others

• orbstack/orbstack - Fast, light, simple Docker containers & Linux machines.
• bpradipt/awesome-confidential-computing - Collection of resources on Confidential Computing.
• erayack/awesome-sgx-blockchain - Awesome SGX and TEE on Blockchain Resources.
• TEE Bible - Your First Stop for TEE in Crypto.
• sbellem/qtee - Exploring the physical limits of trusted hardware in the classical and quantum settings to achieve security through physics.

TS

• Trusted Execution Environments and the Polkadot Ecosystem
• Verifiable Off-chain Compute - Florin Digital

Python

• Trustless Execution Environments - David Atterman

Articles

• SecScale: A Scalable and Secure Trusted Execution Environment for Servers - A. Sunny, N. Shrivastava, S., and R. Sarangi, arXiv, 2024.
• A Distributed Efficient Blockchain Oracle Scheme for Internet of Things - Y. Xian, L. Zhou, J. Jiang, B. Wang, H. Huo, and P. Liu, arXiv, 2023.
• CHEX‑MIX: Combining Homomorphic Encryption with Trusted Execution Environments for Two‑party Oblivious Inference in the Cloud - D. Natarajan, A. Loveless, W. Dai, and R. Dreslinski, Cryptology ePrint Archive, 2021.
• When Blockchain Meets SGX: An Overview, Challenges, and Open Issues - Z. Bao, Q. Wang, W. Shi, L. Wang, H. Lei, and B. Chen, IEEE, 2020.
• Ekiden: A Platform for Confidentiality‑Preserving, Trustworthy, and Performant Smart Contracts - R. Cheng, F. Zhang, J. Kos, W. He, N. Hynes, N. Johnson, A. Juels, and A. Miller, IEEE, 2019.
• Red Team vs. Blue Team: A Real‑World Hardware Trojan Detection Case Study Across Four Modern CMOS Technology Generations - E. Puschner, T. Moos, S. Becker, C. Kison, A. Moradi, and C. Paar, Cryptology ePrint Archive, 2022.
• Confidential Computing on nVIDIA H100 GPU: A Performance Benchmark Study - J. Zhu, H. Yin, P. Deng, and S. Zhou, arXiv, 2024.
• Towards Validation of TLS 1.3 Formal Model and Vulnerabilities in Intel's RA‑TLS Protocol - M. U. Sardar, A. Niemi, H. Tschofenig, and T. Fossati, IEEE, 2024.
• Confidential Federated Computations - H. Eichner, D. Ramage, K. Bonawitz, D. Huba, et al., arXiv, 2024.
• Teamwork Makes TEE Work: Open and Resilient Remote Attestation on Decentralized Trust - X. Zhang, K. Qin, S. Qu, T. Wang, C. Zhang, and D. Gu, arXiv, 2024.
• SoK: Hardware‑supported Trusted Execution Environments - M. Schneider, R. J. Masti, S. Shinde, S. Capkun, and R. Perez, arXiv, 2022.
• Lessons Learned from Blockchain Applications of Trusted Execution Environments and Implications for Future Research - R. Karanjai, L. Xu, L. Chen, F. Zhang, Z. Gao, and W. Shi, arXiv, 2022.
• Extending On‑chain Trust to Off‑chain - Trustworthy Blockchain Data Collection using Trusted Execution Environment (TEE) - C. Liu, H. Guo, M. Xu, S. Wang, D. Yu, J. Yu, and X. Cheng, arXiv, 2021.
• Performance of Confidential Computing GPUs - A. M. Ibarra, J. J. Stephen, A. G. Vidal, K. R. Jayaram, and A. F. Gomez, arXiv, 2025.
• TeeRollup: Efficient Rollup Design Using Heterogeneous TEE - X. Wen, Q. Feng, H. Lyu, J. Niu, Y. Zhang, and C. Feng, arXiv, 2025.
• Intel TDX Demystified: A Top‑Down Approach - P. Chen, W. Ozga, E. Valdez, S. Ahmed, Z. Gu, H. Jamjoom, U. Franke, and J. Bottomley, arXiv, 2023.
• SoK: TEE‑assisted Confidential Smart Contract - R. Li, Q. Wang, Q. Wang, D. Galindo, and M. Ryan, arXiv, 2022.
• Teechain: A Secure Payment Network with Asynchronous Blockchain Access - J. Lind, O. Naor, I. Eyal, F. Kelbert, P. Pietzuch, and E. Gun Sirer, arXiv, 2017.
• SoK: A cloudy view on trust relationships of CVMs -- How Confidential Virtual Machines are falling short in Public Cloud - J. Eisoldt, A. Galanou, A. Ruzhanskiy, N. Küchenmeister, Y. Baburkin, T. Dai, I. Gudymenko, S. Köpsell, and R. Kapitza, arXiv, 2025.
• NVIDIA GPU Confidential Computing Demystified - Z. Gu, E. Valdez, S. Ahmed, J. J. Stephen, M. Le, H. Jamjoom, S. Zhao, and Zhiqiang Lin, arXiv, 2025.
• Blockchain‑based Federated Learning with Secure Aggregation in Trusted Execution Environment for Internet‑of‑Things - A. P. Kalapaaking, I. Khalil, M. S. Rahman, M. Atiquzzaman, X. Yi, and M. Almashor, arXiv, 2023.
• Giving State to the Stateless: Augmenting Trustworthy Computation with Ledgers - G. Kaptchuk, I. Miers, and M. Green, Cryptology ePrint Archive, 2017.

Python

• How to Win Friends and TEE-fluence People - Ethan Buchman, Modular Summit 2024
• DEVMOS 2024: Dylan Kawalec (Osmosis), 'Building Decentralized Frontends', Modular Summit 2024
• The TEE Stack - Andrew Miller, Modular Summit 2024
• Parallelized Confidential Computing - Yannik Schrade, Fil Dev Summit 2024
• TEE for Blockchain Applications - Ari Juels, a16z crypto 2023
• Private Smart Contracts are Worth the Price of the SGX - Andrew Miller, ETHDenver 2023
• Protected Order Flow for Fair Transaction-Ordering in a Profit-Seeking World - Kushal Babel, MEV-SBC 2023
• Blockchains + TEEs 2023: Day 1 - Kartik Nayan, Ittai Abraham, Aniket Kate
• Blockchains + TEEs 2023: Day 2 - Kartik Nayan, Ittai Abraham, Aniket Kate
• SGX Panel 2023: Andrew Miller, Jonathan Passerat Palmbach, Phil Daian, Justin Drake
• Enabling Cross Chain Transfers Using SGX - Michael Kaplan, Avalanche Summit 2022
• Trusted Execution Environments Meet the Blockchain - Ittay Eyal, Simons Institute 2019

Others

• @buchmanster, TEE, ZK, FHE and MPC
• @buchmanster, How you win friends and TEE-fluence people - Chapter 2
• Confidential Containers Community - Open-source project enabling cloud-native confidential computing by shielding containerized workloads.
• Confidential Computing Consortium - Linux Foundation project advancing confidential computing.
• Flashbots Collective Forum - Discussions often touch on TEE usage for MEV mitigation and block building.
• @P3b7\_, Donjon Ledger analysis of Trezor Safe 3
• @CP2426\_, focEliza Verifiable Terminal Release
• @\_markel\_\_\_, Extraction of Intel SGX Fuse Key0
• @PratyushRT, Breakdown of the Intel SGX (TEE) breach
• @DistributedMarz, Flashwares Live Session

WASM

• Blockchains + TEEs Workshop - Academic workshop focused on the intersection of blockchains and TEEs.
• AI Confidential - Podcast and newsletter.

TEE SDKs & Frameworks

• Gramine Project - Library OS, allowing unmodified Linux applications to run in Intel SGX enclaves.
• apache/incubator-teaclave-sgx-sdk - Apache Teaclave (incubating) SGX SDK helps developers write Intel SGX applications in the Rust programming language.

Technical Deep Dive Articles

• We call this kernel saunters: How Apple rearranged its XNU core with exclaves - The Register

Others

• CVE‑2018‑12126 - 2018-12127), [CVE‑2018‑12130](https://nvd.nist.gov/vuln/detail/CVE-2018-12130), [CVE‑2019‑11091](https://nvd.nist.gov/vuln/detail/CVE-2019-11091) | Leakage from CPU buffers into enclaves/VMs | Microcode buffer clearing, stronger serialization, sometimes disable HT |
• CVE‑2019‑11157
• CVE‑2019‑11135
• 1611.06952
• CVE‑2020‑0551
• CVE‑2020‑0549
• CVE‑2020‑0543
• CVE‑2022‑21233
• CVE‑2022‑40982
• CVE‑2023‑20569
• CVE‑2018‑3615 - 2018-3620), [CVE‑2018‑3646](https://nvd.nist.gov/vuln/detail/CVE-2018-3646) | Read enclave/VM/kernel secrets via L1D leaks | Microcode updates, L1D flush on enclave transitions, OS patches, SGX TCB recovery |
• 1812.01129